Third Party Performance

Metrics are everywhere! We’ve done a great job of keeping pace with measuring the output of our applications, but how are we doing with measuring what really matters? This talk will explore the various metrics available to application owners today, highlight what’s coming tomorrow and level-set on the relative importance as it relates to the user experience.

Metrics are everywhere! We’ve done a great job of keeping pace with measuring the output of our applications, but how are we doing with measuring what really matters? This talk will explore the various metrics available to application owners today, highlight what’s coming tomorrow and level-set on the relative importance as it relates to the user experience.

The document discusses Akamai IO, a new project by Akamai Technologies that will provide insights into Internet traffic patterns based on data from two trillion daily requests Akamai sees, representing 20-30% of global HTTP traffic. Initially, the observatory will provide browser statistics broken down by cellular and non-cellular networks, with plans to expand coverage of object types, page elements, trends, and APIs.

H2 is about a year old and in this talk we will share our experiences from the last 12 months, including: # Case studies to see how performance can be improved over h2 as a turnkey solution, while also addressing backward compatibility # Using RUM data to review performance-related observations of customers after switching to h2 # Hands-on demos of h2 with server push, and h2 + QUIC.

The document introduces Brandon Kang as the speaker for an open seminar. It provides details on Kang's background, including previous roles at Samsung SDS, Microsoft Korea, and the Korea Creative Content Agency. It also lists his areas of writing and mentoring experience in areas like IT trends, web programming, mobile app development, and game development.

This document discusses Akamai Technologies and its evolution from academic research at MIT to a global cloud delivery platform. It outlines Akamai's role in managing complex modern web presences and addresses three grand challenges facing the internet - performance, media delivery, and security. For performance, it discusses ensuring fast delivery to any device. For media, it discusses enabling high-quality video delivery at massive scale. And for security, it discusses protecting from increasingly sophisticated cyber attacks. The document highlights how Akamai's global server network and technologies help customers meet these challenges.

HTTP/2 has been out for about a year. Over that time, Michael Gooding and Javier Garza have worked with many customers to implement it. However, beyond a turnkey solution that offers instant performance gains, HTTP/2 has led to a large amount of questions and confusion about how to optimize for it. Michael and Javier share their experiences with HTTP/2 over the last year, discussing case studies that demonstrate how performance can be improved over HTTP/2 while addressing backward compatibility, exploring using RUM data to review performance-related observations of customers after switching to HTTP/2, and offering hands-on demos of HTTP/2 with server push and HTTP/2 + QUIC. Topics include: Rendering impact without prioritization: Many solutions currently do not support server push or prioritization, which can have a negative impact on rendering when all resources instantly compete for the same bandwidth. Michael and Javier discuss solutions to mitigate this problem. Breaking out to smaller files: Best practices used to dictate combining CSS and JavaScript into as few resources as possible. In an HTTP/2 world, the advice is to leave files alone and serve them as they are. Michael and Javier look at examples where trade-offs exist between the delivery, management, compression, and caching and advise how best to approach the problem. Sprites: As with smaller files, what should we do with sprites in an HTTP/2 world? Looking at examples, Michael and Javier analyze the trade-offs in breaking a sprite out to smaller parts, looking at the effects of less-complex CSS against network performance to see how much of a difference it actually makes on performance. Delivering for HTTP/1.x: Many websites today still have a large user base from older browsers that do not and will not support HTTP/2. By reviewing case study sites optimized for HTTP/2, Michael and Javier display the delta between a site delivered over an HTTP/2 connection and an HTTP/1.x connection. Taking these differences into account, they then explore some common trade-offs and review the delivery options to provide good performance for both protocols at the same time. Real-life HTTP/2 web performance data: Michael and Javier explain how to use RUM data to review web performance data from large websites after enabling HTTP/2 and see the conditions where the performance improvements are at their best. Hands-on demo comparing the web performance of HTTP/2 versus HTTP/1.x 1 and HTTP/2 with server push and QUIC.

Metrics, Best Practices and Tools used in managing site performance. Understand usage of NAV timing metrics, synthetic versus real user monitoring, and performance budgeting.

In this world of myriad devices, having fast, reliable and secure mobile apps is of utmost importance for every business. Fast-paced development is the need of the hour and as businesses are building apps quicker, it is crucial to make sure that mobile apps are tested and reviewed at the same pace to ensure an enhanced end-user experience. In this session, you will learn to test or review whether the Akamai features are working correctly on your mobile apps. We will share troubleshooting tools and best practices to empower you to quickly identify and resolve Akamai-related issues on your mobile apps.

Delivered in Akamai Japan Tech Conf 2018. Presented on various methods to measure a website, and how each of them can be off from what you expected.

The beauty of the Akamai cloud delivery platform is that you can start out simply, and build to more sophisticated configurations as your needs evolve simply by adding additional capabilities. In this session, we'll step through how the various Akamai solutions can build to a single coherent architecture that ensures every user receives the optimal digital experience -- while at the same time mitigating threats and malicious users. We'll show how to "start simple" with site acceleration enabled through the Onboarding and Configuration Assistant, and proceed down the path to fully enabled solutions encompassing Kona Site Defender, Client Reputation, Bot Manager, Image Manager and mPulse real-user monitoring.

AMP has benefits for driving discussion on web performance and collaboration, but it also has significant limitations and drawbacks. While AMP pages load faster initially due to Google's pre-rendering, regular websites optimized for performance can also load very quickly and provide a better user experience through proper branding and interactivity. Overall web performance optimization should go beyond just AMP by focusing on fundamentals like optimizing images, CSS, JavaScript, and the critical rendering path to make entire websites fast for users on all devices.

Many websites use real user measurement data to analyze their performance, as well as to validate that optimizations are having the desired effect on end user experience and business metrics. Akamai's mPulse service is a popular commercial RUM solution that is used by thousands of websites, and it gives us a unique panoptic view of web performance. This is not your typical RUM talk. I won't be talking about implementations, product features, etc. Instead we are going to dive deep into the data and try to answer some interesting questions about the web.

The document discusses key metrics for measuring web performance and identifies common traits of high performing websites. It analyzes data from sources like HTTP Archive, Google BigQuery, and Akamai mPulse to show correlations between page load times and various performance factors. Some best practices recommended are reducing page weight by optimizing images, compressing text assets, limiting third parties and custom web fonts, and ensuring resources in the critical rendering path are optimized.

For many years we have concentrated on back-end and network latency and ignored the processing time on the user device. Today, we spent most time on small mobile devices, compared to laptops they’re underpowered and web performance suffers. While handheld devices get more powerful, web pages get more and more complex. Especially the usage of javascript libraries and css framworks is very computational expensive. Based on data from real users, we quantify the relative importance of network and device for web performance. We also benchmark mobile devices and correlate their power to the web performance they achieve.

The document describes the Application Research Group (ARG) and their work exploring applications built on Filecoin. ARG has created Estuary, an open source project that makes it easy to store data in the Filecoin network. Estuary provides a hosted node, website, and documentation. It handles storing user data through Filecoin storage deals with high replication for reliability. ARG shares details of Estuary publicly to help others learn and provide transparency into its performance and use of Filecoin miners. They aim to help others run their own Estuary nodes and improve the Filecoin storage experience.

i-PANDAWA - SCRUM AGILE - Technology Deep Dive and Standard Operational Procedure Using GIT, RATIONAL, etc

Serverless means handing off server management to the cloud platforms – along with their security risks. With the “pros” ensuring our servers are patched, what’s left for application owners to protect? As it turns out, quite a lot. This talk discusses the aspects of security serverless doesn’t solve, the problems it could make worse, and the tools and practices you can use to keep yourself safe. Required audience experience Basic knowledge of how FaaS and Serverless works Objective of the talk As many companies explore the world of serverless, it’s important they understand the aspects of security this new world helps them with, and the ones they need to care more about. This talk will provide a framework to understand how to prioritise and approach security for Serverless apps.

Guy Podjarny breaks into a vulnerable serverless application and exploits multiple weaknesses, helping better understand some of the mistakes people make, their implications, and how to avoid them. Video available on: https://www.infoq.com/presentations/serverless-security-2017

Slides from my ServerlessConf Austin 2017. Serverless means handing off server management to the cloud platforms - along with their security risks. With the “pros” ensuring our servers are patched, what’s left for application owners to protect? As it turns out, quite a lot. This talk discusses the aspects of security serverless doesn’t solve, the problems it could make worse, and the tools and practices you can use to keep yourself safe

Some of the very things that make JavaScript awesome can also leave it exposed. Guy Podjarny and Danny Grander walk through some sample security flaws unique to Node’s async nature and surrounding ecosystem (or especially relevant to it)—e.g., memory leaks via the buffer object, ReDoS and other algorithmic DoS attacks (which impact Node due to its single-threaded nature), and timing attacks leveraging the EventLoop—and show how these could occur in your own code or in npm dependencies.

npm packages are awesome, but also introduce risk. This presentation explains how packages may introduce known vulnerabilities into your application, explains their impact, and most importantly, shows how to protect yourself. The few slides were complemented by running several vulnerability exploits against the vulnerable demo app Goof from here: https://github.com/Snyk/goof

Building software today involves more assembly than actual coding. Much of our code is in fact pulled in open source packages, and the applications heavily rely on surrounding third party binaries. These third parties make us more productive - but they also introduce an enormous risk. Each third party component is a potential source of vulnerabilities or malicious code, each third party service a potential door into our system. This talk contains more information about this risk, create a framework for digesting and tackling it, and lists a myriad of tools that can help.

The web is becoming increasingly image rich. Between high-resolution mobile screens, Pinterest-style design, and big background graphics, the average image payload has more than doubled in the last three years. While visually appealing, these images carry a substantial performance cost, and — if not optimized correctly — can make a web experience slow and painful, no matter how beautiful it is. In this tutorial we’ll discuss ways that let you provide the eye-pleasing experience you want without sacrificing your site’s performance.You’ll learn about the three primary aspects of image optimization: - Image compression: how to best encode your images, delivering the same picture with the fewest bytes - Image loading: once your files are as small as they can be, we’ll cover the best ways to make them show up quickly in the browser - Operationalizing image optimization: different tools and techniques for integrating image optimization on your site Talk given at Velocity Conf EU 2015: http://velocityconf.com/devops-web-performance-eu-2015/public/schedule/detail/45013